We currently have primary and secondary DNS servers on our corporate network. They are setup in a master/slave type setup, where the slave gets its DNS information from the master.
I'm trying to figure out what the real advantage is for the master/slave setup instead of just setting up an automated rsync between the two to keep the DNS settings matched.
Can anyone shed some light on this? Or is it just a preferential thing? If that is the case, it seems like the rsync setup would be much easier to setup, maintain and understand.
Best Answer
The master/slave configuration (also known as “zone transfers,”
AXFRorIXFR) is the standard configuration used by most DNS servers. For that reason alone, it’s what I’d recommend, even though it’s complicated.Although I recommend it for interoperability, and because it’s easy for other admins to understand, that doesn’t mean it’s technically the best way to do it.
Daniel Bernstein (of
djbdns/tinydns) strongly prefersrsyncand has this table comparingrsyncvs. zone transfers.rsyncworks great withtinydnsbut I’ve never tried it withbind.If you try it, keep in mind that you’ll probably be writing a script that gets run by
cron. Another admin who looks at your DNS configuration won’t necessarily know this, or know where to find the sync script. By contrast, the regular zone transfer config is right there in your zone files, making it explicit. Whether this matters depends on how many other admins you deal with and how informed you expect them to be about your DNS configuration.